Document APIs Done Right
At Trailhead, we have built many enterprise-grade .NET APIs that deal with managing documents – files, photos, PDFs, etc – and in this blog I will distill some best practices that will help you optimize your API and download performance, reducing the processing burden and memory requirements for your API. These techniques work equally well […]
Microservices – Is This the Right Architecture for Me? Part One – The Problem
Microservices – have you heard the buzzword? Does this describe you? You are responsible for the architecture or product management of an enterprise sized software system. This could be an in-house system, or some software as a service system you are offering to your customers, vendors or partners. You manage or coordinate several teams of […]
Protecting Legacy .NET APIs with modern IdentityServer Tokens
Modern aspnetcore Web APIs are relatively easy to protect using Bearer Tokens issued by Duende IdentityServer. But there is a lot of legacy .NET framework code out there. This blog contains some simple tips to bring modern authentication to that world. Here is the big picture: This example starts with a legacy API written classic […]
Calling APIs with OAuth2 Access Tokens – The Easy Way!
Scenario: Your API needs to call another REST API – or your Console App or Web Job needs to call some other REST API. You can acquire an access token to that API from an OAuth2 Security Token Service such as Duende Identity Server, Okta, Auth0 or Azure Active Directory. This blog shows you how […]
Rendering QR Codes on fillable PDFs
I was recently working on a project where a fillable PDF form was populated with data and a QR code needed to be placed on the form. Here an easy way to accomplish that: First, load the form – in this example I just read it from a file. I am using this two page […]
Breaking change in AspNetCore 2.2 for SignalR and CORS
To get authenticated SignalR hubs to work, you need to allow credentials in CORS, so your aspnetcore code might look like this: services.AddCors(action => action.AddPolicy(policyName, builder => builder .AllowAnyMethod() .AllowAnyHeader() .AllowAnyOrigin() .AllowCredentials())); As of 2.2. you can no longer combine AllowAnyOrigin and AllowCredentials! You will see a warning in the debug output: warn: Microsoft.AspNetCore.Cors.Infrastructure.CorsService[11] The […]
AspNetCore – multi tenant tips and tricks
In two recent posts, I blogged about SignalR in .AspNet Core 2.1, and automating boilerplate multitenancy code in Entity Framework Core 2.1. Both these blogs alluded to knowing the identity of the calling user through claims and dependency injection. This blogs ties together those loose ends to show how that can be done. Authenticating the […]
Entity Framework Core 2.1 – Automate all that boring boiler plate!
In any real world enterprise application, you end up writing a lot of similar, tedious boilerplate code for bookkeeping . This logic results in a data model where each table is adorned with a lot of non-domain specific columns – does this look familiar? There are three common patterns at work here: Auditing – […]
SignalR as a service in Azure
In a previous post, I wrote about using SignalR in AspNetCore. Today, I tried the next step up – SignalR as a service! You will find the announcement here. This page has more details. So why would you want to run SignalR as a service, rather than embedding your Hubs in your API or Web […]
SignalR in AspNetCore
We’ve all been waiting for the first production release of SignalR for AspNetCore, and supposedly it’s going to be out there any day now. Impatient as I am, I started using 1.0.0-preview2-final – and it rocks! Here are some tips and tricks, including use of Dependency Injection and handling Multi Tenant scenarios. But first… a […]